Antivirus
This section enables you to configure the general behavior of the signature-based antivirus engine.
| Field | Description |
|---|---|
|
File antivirus |
Enable or disable the antivirus protection for the file system. |
|
Mail protection |
Enable or disable the antivirus protection for the mail client installed on users’ computers. Advanced EPDR detects threats received over the POP3 protocol and encrypted variants. |
|
Web browsing antivirus |
Enable or disable the antivirus protection for the web browser installed on users’ computers. Advanced EPDR detects threats received over the HTTP protocol and encrypted variants. |
When Advanced EPDR detects malware or the Cytomic anti-malware laboratory identifies a suspicious file, Advanced EPDR takes one of these actions:
-
Known malware files when disinfection is possible: Replaces the infected file with a clean copy.
-
Known malware files when disinfection is not possible: Makes a copy of the infected file and deletes the original file.
Threats to detect
Configure the types of threats that Advanced EPDR searches for and removes from the file system, mail client, and web client installed on user computers.
| Field | Description |
|---|---|
|
Detect viruses |
Detects files that contain patterns classified as dangerous. |
|
Detect hacking tools and PUPs |
Detects unwanted programs (such as programs with intrusive ads and browser toolbars) and tools used by hackers to gain access to your system. |
|
Enables anti-exploit and heuristic technologies that analyze process behavior locally and detect suspicious activity. |
|
|
Detect phishing |
Detects fraudulent emails and websites. |
|
Do not detect threats at the following addresses and domains |
Type IP addresses and domains you want to exclude from phishing scans, separated by commas. This text box is not case-sensitive. Access is allowed to all addresses that start with the specified IP addresses and domains, even if the full URL is longer. |
|
Create Decoy Files to help detect ransomware |
Creates bait files on user computers that are permanently monitored by Advanced EPDR. If they are modified, these files identify the process that modified them as ransomware, ending it to prevent mass encryption of the file system. |
File types
Specify the types of files to be scanned by Advanced EPDR:
| Field | Description |
|---|---|
|
Scan compressed files on disk |
Decompresses compressed files and scans their contents for malware. |
|
Scan compressed files in emails |
Decompresses email attachments and scans their contents for malware. |
|
Scan all files regardless of their extension when they are created or modified (Not recommended) |
Many types of data files do not pose a threat to the security of computer networks. When you enable this option, the solution scans all files when they are created or modified. For best performance, we recommend that you do not enable this option. |